/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.wicketstuff.ki.example;

import org.apache.wicket.markup.html.panel.Panel;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.Page;
import org.apache.wicket.PageParameters;
import org.apache.wicket.RestartResponseAtInterceptPageException;
import org.apache.wicket.model.PropertyModel;
import org.apache.ki.SecurityUtils;

/**
 * An example of a Wicket Panel using Ki's API.  Adapted from the 'UserPanel' example in
 * Wicket in Action, Chapter 11 (Security your application), listing 11.4.
 * <p/>
 * The Panel will show sign-in or sign-out links based on the user's current login state.
 *
 * @author Les Hazlewood
 * @since 13 Oct 2008
 */
public class UserPanel extends Panel {

    public UserPanel(String id, Class<? extends Page> logoutPageClass ) {
        super(id);

        add( new Label("fullname", new PropertyModel(this, "session.user.fullname") ) );

        PageParameters parameters = new PageParameters();
        parameters.add(SignOutPage.REDIRECTPAGE_PARAM, logoutPageClass.getName() );

        add( new BookmarkablePageLink( "signout", SignOutPage.class, parameters ) {
            public boolean isVisible() {
                //a 'user' will have one or more principals, so ensure there is at least one:
                return SecurityUtils.getSubject().getPrincipal() != null;

                //NOTE if the above call were the following:
                //
                //return SecurityUtils.getSubject().isAuthenticated();
                //
                //then the link would only be visible to users who logged in during the current session, but not
                //visible to 'remembered' users who haven't logged in during the current session.  So, we check
                //for a non null principal, which accounts for both currently authenticated users as well as
                //remembered users.  See the Ki RememberMeAuthenticationToken JavaDoc for why these two states
                //may occur.
            }
        });

        add( new Link("signin") {
            public void onClick() {
                throw new RestartResponseAtInterceptPageException(SignInPage.class);
            }

            public boolean isVisible() {
                return SecurityUtils.getSubject().getPrincipal() == null;
                //see the above comments why we check for a null principal here instead of
                //subject.isAuthenticated()
            }
        });
    }
}
